MalwareIntelligence is a site dedicated to research on all matters relating to anti-malware security, criminology computing and information security in general, always from a perspective closely related to the field of intelligence.

11.3.09

Seeing the amount of Russian domains created to spread malware, and the wide variety of applications designed from those lands to make different types of crimes who seek to keep the most valuable commodity: information; imagine Russia as if it were something like the world Gibson describes in Neuromancer where old dark lanes are used for the illegal sale and rental of all types of programs designed to break the security protections.Computer criminals and black market crimeware seem to be the order of the day in Russia. Whereupon, I reflect some numbers that give an idea of what it can cost to mount attacks across a large number of "available resources", as would a mercenary, to the highest bidder.

Sploit 25It is a crimeware containing different exploit for vulnerabilities in Internet Explorer 6 and 7, and PDF. There is a Lite version is worth USD 1500 and USD 2500 the Pro version

Unique Sploits PackAnother crimeware that contains several different exploits for vulnerabilities. Its value is USD 600. For USD 100 can access the updates and USD 50 to the encryption module.

Neon Exploit SystemA set of exploits designed to exploit vulnerabilities in Microsoft platforms and different applications for mass use. The value of this crimeware is USD 500.

XS [S] hkatulkaSet script designed to break passwords webmail through XSS. According to its creators, the application is ideal to start earning money by providing services to obtain the passwords of email accounts. As the investigator of Research Computing. :-) Its value is USD 110.

Crypt Zeus (a)It is a service designed to encrypt the trojans recruiting zombies for the botnet PCs ZeuS. The "services" offered are:

Building individual crypts (your.exe) the first time: USD 49

Building individual crypts (your.exe) encrypting every two hours: USD 46

Building individual crypts (your.exe) encrypting every three hours: USD 43

Small and Private FriJoinerAn application developed to merge executable files. This type of application is widely used by disseminators of malware to prevent malicious code is detected. Small version costs USD 10 and version Private USD 15.

Genom iframerSolutions designed to automate the iframe tag injection at vulnerable sites. Its value is USD 40.

Polymorphic Cryptor CRUM

Crypt with polymorphic features designed to prevent malware detection by antivirus companies. Its cost of USD 100.This is only a short list that represents a tiny percentage compared to the amount and variety of crimeware applications.Most attacks that use the Internet as a base for attacks carried out with programs of this style, but we must be aware that the more informed we are and we use the best security technologies, the greater the level of protection in our information environments.